Infosecurity Magazine’s Top Stories 2022

As 2022 draws to a close, the team has taken stock of the top 10 most read stories from the past 12 months, as read by you, our readers. Without further ado, here’s the list!

  1. Anonymous Hacking Group Declares “Cyber War” Against Russia
     The first half of 2022 was dominated by the cyber fallout from the Russian invasion of Ukraine at the end of February. One headline that dominated was the Anonymous hacking group’s declaration of cyber war against Vladimir Putin’s government. Following the declaration, we saw Russian state TV channels hacked and other disruptive activities attributed to the hacktivist group.
  2. Russian Hackers Take Aim at Kremlin Targets: Report
     In an unusual turn of events, 2022 saw some Russian threat actors begin launching cyber-attacks against targets inside their own country in retaliation for what they saw as a needless war with Ukraine, according to the Kyiv Post. While Russian-based threat actors are nothing new, it is highly unusual to see them turn on their own nation’s government and infrastructure.
  3. Eugene Kaspersky's Statement Provokes Controversy Within Cybersecurity Industry
     One of cybersecurity’s biggest names, Kaspersky, provoked a strong reaction after the company’s CEO broke his silence on the conflict between Russia and Ukraine. Eugene Kaspersky, CEO of the Russian-headquartered IT security vendor, said he welcomed negotiations to begin to resolve the conflict, stating “War isn’t good for anyone.” Some commentators in the cybersecurity world criticized the CEO’s neutral choice of language.
  4. Multiple RCE Vulnerabilities Discovered in Veeam Backup & Replication App
     Remote code execution (RCE) hit the headlines in October as several critical and high-severity vulnerabilities were discovered affecting the Veeam Backup & Replication application. Security researchers at CloudSEK published an advisory stating that several threat actors were seen advertising a fully weaponized tool for RCE to exploit a number of CVEs affecting the Veeam application.
  5. Thousands of Schools Impacted After IT Provider Hit by Ransomware
     School systems were a significant target for threat actors in 2022, and in January a provider of school website infrastructure was hit by a ransomware attack. Finalsite, a school website provider, identified ransomware on certain systems within its environment. It was claimed that up to 5000 schools were taken offline during the period of the incident.
  6. Anonymous Claims to Have Leaked Over 360,000 Files From Russian Federal Agency
     Continuing its disruptive activity against Russian organizations, hacktivist group Anonymous claimed in March that it had breached the database of the Russian federal agency responsible for the supervision of communications, information technology and mass media, leaking over 360,000 files in the process.
  7. Ransomware Group Bypasses "Enormous" Range of EDR Tools
     Ransomware gangs continued to develop their tactics in 2022, and it is now understood that their sophisticated techniques bypass many endpoint detection and response (EDR) tools. According to Sophos, a UK cybersecurity firm, BlackByte, which the US government has said poses a serious threat to critical infrastructure, used a “Bring Your Own Driver” technique to circumvent over 1000 drivers used by commercially available EDR products.
  8. Microsoft Issues Out-of-Band Update for Patch Tuesday Problems
     In January, Microsoft was forced to issue an out-of-band update to fix several problems reported by system administrators following the month’s Patch Tuesday. Microsoft kicked off 2022 with fixes for 97 CVEs, including six publicly disclosed but not exploited.
  9. CISA Publishes Multi-Factor Authentication Guidelines to Tackle Phishing
     Multi-factor authentication (MFA) is a critical tool for cybersecurity professionals to deploy to ensure secure access. In November, the Cybersecurity and Infrastructure Security Agency (CISA) published two fact sheets designed to highlight threats against accounts and systems using certain forms of MFA. CISA recommended deploying phishing-resistant MFA solutions based on FIDO/WebAuthn and public key infrastructure (PKI).
  10. US Bank Data Breach Impacts Over 1.5 Million Customers
      Banks and financial services continue to be lucrative targets for threat actors. In June, it was revealed that one of America’s largest banks suffered a major data breach impacting more than 1.5 million customers. The Michigan-headquartered Flagstar Bank issued a data notification letter which revealed the firm experienced unauthorized access to its network between December 3, 2021 and December 4, 2021.
